Anti-corruption programme for Norges Bank Central Banking
1. Introduction
Norges Bank performs important public tasks and manages substantial assets on behalf of the nation. The Bank makes decisions that are of considerable importance for the business sector and private households. The Bank manages confidential information that could have an impact on market conditions. Large sums of money are involved in the Bank’s purchases of goods and services. The Bank must therefore in its activities uphold high ethical standards, respect human rights, behave responsibly and comply with applicable laws and rules. The Executive Board has stated that Norges Bank will not accept any form of corruption, whether involving employees, the Bank’s contractors or other contractual or third parties.
Corruption erodes ethical and moral values and is a threat to the rule of law, fundamental human rights and democracy. It also creates discrimination, is an impediment to social justice and undermines fair competition. Corruption is often linked to organised crime, money laundering and the financing of terror. Combating corruption is therefore about more than just protecting the Bank’s interests. It is also an important part of creating a sustainable economy and furthering political and social development.
Norges Bank Central Banking does not have activities in the countries where corruption is considered to be most prevalent. The risk of corruption is mainly that of a person soliciting, receiving or accepting the offer of an undue advantage on the strength of his or her position either as an employee of the Bank or as an external consultant, supplier or subcontractor.
Corruption risk is managed as part of a comprehensive risk framework. Other key elements of the anti-corruption programme include management backing, risk management, ethical rules, purchasing procedures, background checks for staff and suppliers, financial reporting and systematic training and controls.
2. Management backing, transparency and whistleblowing
The Executive Board has issued ethical principles for Norges Bank and a number of policy documents that form the foundations for the anti-corruption programme. The Executive Board presents the Bank’s work on corporate social responsibility in its annual report, and this includes work on ethics and anti-corruption. The Bank’s management assesses the need to update relevant policy documents at least once a year.
Norges Bank is to be accurate, prompt, predictable, transparent and responsible in its communication. The Bank will actively and in a timely manner communicate important and relevant information. Through the exchange of views and provision of information, employees can help identify risks, avoid unwanted events and prevent damage or loss for the Bank. Employees are encouraged to report potential breaches of ethical rules, as well as other incidents. The Bank has an internal whistleblowing system that enables employees and supplier employees to report wrongdoing where the usual channels are not appropriate. Whistleblowers are to be protected from reprisals and retaliation. Internal Audit serves as the central whistleblowing channel for the bank.
In new contracts, suppliers’ own personnel are also encouraged to report possible wrongdoing in the implementation of the contract with Norges Bank. Where the standard reporting lines are not appropriate, supplier personnel may report such matters to Norges Bank’s Internal Audit unit.
3. Risk management and corporate governance
The Ministry of Finance has issued a specific regulation on risk management and internal control at Norges Bank. Norges Bank takes a holistic and systematic approach to managing all risks. Risk assessments are performed regularly as an integral part of operational management. Corruption risks are treated the same as other risks in terms of risk levels, risk tolerance, preventive measures and the handling of any incidents.
Systematic risk assessments are performed periodically. These include an evaluation of the quality of controls and the status of risk reduction measures, and a review of incidents and other risk indicators. The results are reported to the Executive Board twice a year.
Norges Bank has rules on authorised signatories governing who is entitled to sign on behalf of the Bank. Two signatures are normally required. Authorities are documented and are also set out in job descriptions. The Governor has set limits for the value of framework agreements, purchasing contracts and so on that managers may sign.
4. Ethics
The Executive Board has issued ethical principles for employees of Norges Bank, and the Governor has issued Conduct Policy for employees in Norges Bank Central Banking. These set out strict rules on confidentiality, inside information, conflicts of interest and accepting invitations. There are restrictions on employees’ right to trade in financial instruments, foreign exchange and fixed-income products. There is an ongoing obligation to disclose personal trading, secondary occupations and gifts. Employees must not accept gifts and personal benefits for themselves or others from the Bank’s business contacts or from others when performing work or service for Norges Bank that may constitute a personal advantage for the employee or that could, or may be intended to, influence the employee’s performance of his or her duties. The rules on gifts are intended partly to prevent corruption. The Bank has rules on money laundering and procedures where there is a suspicion of serious illegal acts.
All employees have an independent responsibility to contribute to safeguarding Norges Bank’s reputation. Employees must also refrain from acts that even if lawful pose a reputational risk to the Bank. This means that employees are required to act in an ethically responsible manner and are prohibited from engaging in illegal acts including corruption, fraud, embezzlement, etc, and other forms of dereliction of duty that could undermine Norges Bank’s reputation. Anti-corruption is about more than prescriptions and prohibitions set out in laws and regulations – it is also about individual attitudes and choices.
5. Procurement
Procurement must comply with the rules on public procurement and the relevant provisions of the Freedom of Information Act. Procurement must observe basic principles of competition, equal treatment, predictability, verifiability and proportionality. A central procurement function is involved in all purchases. The procurement function is responsible for Norges Bank Central Banking complying with internal and external guidelines on public procurement.
Suppliers with access to the Bank’s premises or systems must undertake to adhere to a special set of ethical guidelines based on ethical principles laid down by the Executive Board. Suppliers and third parties acting on their behalf must agree, for example, to refrain from illegal acts, including any form of corruption.
6. Security
Norges Bank sets security requirements for both employees and suppliers.
Background checks for employees and temporary staff are an important part of the anti-corruption programme. All those who work at Norges Bank, whether as employees or on a temporary basis, must sign a confidentiality undertaking. The same applies to participants in invitations to tender.
As a general rule, employees, temporary staff and supplier personnel with unaccompanied access to Norges Bank’s premises or Norges Bank’s internal information and information systems must have a security clearance based on a background check. The decision on security clearance is based on an overall individual assessment of the information obtained. Information from police certificates and credit checks is normally included. Employees and supplier personnel are to be given information and training to ensure that the individual has the knowledge, motivation and attitudes required for the desired conduct in terms of security.
The Bank sets security requirements for suppliers on the basis of risk assessments. These security requirements are included in the contracts with suppliers. Besides background checks for supplier personnel, there might be requirements for information systems, technical requirements, requirements for the storage of information and requirements for the physical security of premises. Norges Bank also conducts security inspections of suppliers.
7. Financial reporting
Financial reporting helps identify suspected financial irregularities and corruption. Well-functioning and documented division of responsibilities is fundamental when it comes to financial assets. The Bank’s financial statements are prepared in accordance with a specific regulation on its annual financial statements, as well as the requirements of the Accounting Act and International Financial Reporting Standards (IFRS). Norges Bank’s accounting policies are documented in an accounting manual. Processes (including controls) leading up to financial disclosures are updated regularly and reviewed annually. The financial statements are audited by an external auditor under an agreement with Norges Bank’s Supervisory Council.
8. Information, training and development
Employees in the Governor’s area of responsibility are to have a clear understanding of the work on ethics and anti-corruption. Everyone is given information and training on the ethical rules. Special training and information is provided for all new recruits in the form of confirmation that the rules have been read and understood, individual training, e-learning and dilemma exercises. Every year, all employees must complete a questionnaire on the ethical rules and confirm that the rules have been read and understood. The GRC unit also provides information on the intranet and bespoke training for specific units and individuals. GRC deals with any questions about the rules and assists line management with training for suppliers.
Norges Bank Central Banking has its own intranet page on anti-corruption which brings together both external and internal rules. The page includes links to relevant websites.
9. Control and follow-up
Norges Bank Central Banking has an internal control model based on three lines of defence.
The first-line functions are operational risk management and control activities performed by the business lines. They identify, assess, decide on and manage risks and are responsible for risk mitigating measures and for compliance with internal and external requirements. All managers are responsible for risk management in their areas of responsibility and under their authority and shall have the authority to implement risk mitigating measures.
The second-line functions have an advisory and monitoring role. They are responsible for developing and maintaining risk management and internal control frameworks; monitor, verify and report on risk and the effectiveness of controls and measures; facilitate implementation of internal control; and follow up compliance with external and internal rules. The Director of risk control and compliance has the right and duty wherever it is deemed necessary to independently report material risks to the Executive Board. This Director is responsible for the anti-corruption programme for Norges Bank Central Banking.
The third-line function (internal audit) has an independent audit role. It shall support the Executive Board in its follow-up of Norges Bank’s activities by providing independent assessments and advice on the Bank’s risk management and internal control.